[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Infrastructure for authentication using referrals
Luiz M Oliveira <85marcelo@gmail.com> writes:
> Hello everyone
>
> I'm having trouble configuring a distributed environment directories. I have the following
> scenario:
>
> A company with three departments (departments A, B and C) separated geographically. In each
> department a server is configured to store user input for authentication.
>
> The suffix of the directory of the three departments are configured as
>
> dc = company, dc = com
>
> Below the root directory of the three branches are configured. Using the example of the
> department A:
>
> Department_A dc =, dc = company, dc = com: has the user input in that department.
> departamento_B dc =, dc = company, dc = com: stores a referral to server B department
> departamento_C dc =, dc = company, dc = com: stores a referral to server B from the
> Department
>
> All departments follow this structure, but each department is set up a referral for other
> outlying departments.
>
> If a user of the department is located on the department network and B want to authenticate to
> that site, to query the server B, you receive a referral for their department of origin.
>
> Can I implement this authentication scenario, with all servers using the same suffix and below
> referrasl implemented for the branches of foreign departments?
I would probably define subordinate ldap backends instead of
referrals. Something like
database ldap
suffix ou=department_A,dc=company,dc=com
...
subordinate
database ldap
suffix ou=department_B,dc=company,dc=com
...
subordinate
database hdb
suffix dc=company,dc=com
...
-Dieter
--
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6